This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft File: 3keU2fyrI-wF3d1QSKP8cgQAKio.mft (raw, json) Hash identifier: 0NwMLIJli/6/r8la6uUl+4iQSDSbU+lj5ddUYQdFxMY= Subject key identifier: 4C:E0:5C:AE:77:DF:67:48:53:E4:16:83:07:58:76:57:05:6A:38:57 Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a Certificate serial: 019B59083239E2AC16251234E9E61DB86267 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft Manifest number: 10C6 Signing time: Fri 26 Dec 2025 05:01:07 +0000 Manifest this update: Fri 26 Dec 2025 05:01:07 +0000 Manifest next update: Sat 27 Dec 2025 05:01:07 +0000 Files and hashes: 1: 3keU2fyrI-wF3d1QSKP8cgQAKio.crl (hash: nEOKz1jWdKdTPNFkL7hKt3ucxNQ9nGv0SpGQIvGJN2E=) 2: ZK9gU4FBN8KUQTPHGhgGaXPIWjk.roa (hash: YFHfAWvmuV1pyKRAlUfEUWxi+ZLKrTZD/d9TC0Av1JQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:32:39:e2:ac:16:25:12:34:e9:e6:1d:b8:62:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a Validity Not Before: Dec 26 05:01:07 2025 GMT Not After : Dec 27 05:01:07 2025 GMT Subject: CN=4ce05cae77df674853e4168307587657056a3857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:7c:31:4a:8f:72:9a:61:7c:a0:d7:cc:e2:63: 82:64:6f:6c:44:62:1e:19:40:89:ae:ca:0d:49:b2: ab:82:67:30:fb:7c:90:9b:38:a5:bf:9d:d0:33:b6: 96:85:09:0c:98:db:9c:29:2f:b1:9b:1e:e2:21:2e: 40:65:13:2c:a8:b4:4b:fb:52:21:de:f1:a2:12:86: ec:66:04:e0:59:8a:a7:a0:c4:18:73:73:48:e5:65: 0b:9f:99:a6:c1:d7:9c:a6:25:2c:25:d9:2b:4b:67: f4:53:71:ab:a0:ef:20:44:5f:5a:d7:72:7c:3a:0b: 88:bd:1b:66:59:57:b9:02:ff:5c:da:1f:b8:d8:d6: ae:8f:80:16:b6:bf:e9:8a:6c:a7:34:58:55:36:51: 91:92:02:53:af:07:64:8e:4d:38:ab:a6:88:df:42: e7:d2:91:af:4c:9c:10:ed:79:c8:72:22:e7:28:78: bb:d8:d2:0a:f8:63:79:e3:85:77:de:d4:17:b3:79: e8:bb:dd:83:68:1a:9a:c3:e0:69:66:ec:61:26:75: 3d:5d:60:f3:62:19:19:2b:62:ca:de:0b:ef:b3:6b: d9:2c:e9:5f:d9:17:50:5d:51:e1:04:93:01:1b:11: ea:62:48:c9:09:92:21:c8:61:53:2d:31:7c:b6:39: a6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:E0:5C:AE:77:DF:67:48:53:E4:16:83:07:58:76:57:05:6A:38:57 X509v3 Authority Key Identifier: keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:83:3c:23:45:77:71:64:d2:bc:bc:13:a7:e1:4b:73:11:51: b1:a3:53:6c:33:b3:51:54:b1:30:5a:8f:fa:cc:17:cc:28:03: aa:29:bc:12:29:fd:78:51:3c:66:08:a2:ea:f8:75:48:be:d3: 82:45:a2:b0:53:5b:7c:69:ae:4a:52:3a:79:23:84:3d:79:9d: 59:fe:b4:21:a3:cb:62:18:f5:f2:6f:35:f5:35:52:5a:69:3a: 0c:6a:2c:99:b0:f2:a7:79:21:91:f9:ef:0b:51:11:a8:12:21: e6:7d:a8:a2:bd:91:cc:4f:f6:b9:6a:de:fc:d7:47:43:1c:1d: 03:de:ab:25:00:11:d6:30:e2:10:a1:55:b4:a6:a5:f0:ec:b5: 71:60:77:42:a0:b0:08:e4:48:b4:6b:b0:26:46:7c:c3:8c:27: dc:19:17:a5:a4:12:0f:68:2f:9d:75:b1:ae:58:07:51:e1:4f: 05:81:12:01:15:20:19:57:42:c6:58:9d:0c:91:96:55:35:6c: 03:5e:dd:e4:46:ab:a2:97:43:29:79:6c:d7:37:24:52:ce:f9: e0:0d:6c:2d:5d:5c:f0:77:e0:76:49:fa:ee:ef:37:9a:00:93: f5:c7:84:b1:d2:13:ff:f4:a5:b7:51:eb:ee:61:4a:21:c1:cb: aa:4d:f8:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCDI54qwWJRI06eYduGJnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlNDc5NGQ5ZmNhYjIzZWMwNWRkZGQ1MDQ4YTNmYzcyMDQw MDJhMmEwHhcNMjUxMjI2MDUwMTA3WhcNMjUxMjI3MDUwMTA3WjAzMTEwLwYDVQQD Eyg0Y2UwNWNhZTc3ZGY2NzQ4NTNlNDE2ODMwNzU4NzY1NzA1NmEzODU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53wxSo9ymmF8oNfM4mOCZG9sRGIe GUCJrsoNSbKrgmcw+3yQmzilv53QM7aWhQkMmNucKS+xmx7iIS5AZRMsqLRL+1Ih 3vGiEobsZgTgWYqnoMQYc3NI5WULn5mmwdecpiUsJdkrS2f0U3GroO8gRF9a13J8 OguIvRtmWVe5Av9c2h+42Nauj4AWtr/pimynNFhVNlGRkgJTrwdkjk04q6aI30Ln 0pGvTJwQ7XnIciLnKHi72NIK+GN544V33tQXs3nou92DaBqaw+BpZuxhJnU9XWDz YhkZK2LK3gvvs2vZLOlf2RdQXVHhBJMBGxHqYkjJCZIhyGFTLTF8tjmmbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEzgXK5332dIU+QWgwdYdlcFajhXMB8GA1UdIwQY MBaAFN5HlNn8qyPsBd3dUEij/HIEACoqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDIt ZjAxMTI5Mzk1M2Y1LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wODAwZmUtOWJkMi00ODhiLThjNDItZjAxMTI5Mzk1M2Y1 LzEvM2tlVTJmeXJJLXdGM2QxUVNLUDhjZ1FBS2lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYM8I0V3 cWTSvLwTp+FLcxFRsaNTbDOzUVSxMFqP+swXzCgDqim8Ein9eFE8Zgii6vh1SL7T gkWisFNbfGmuSlI6eSOEPXmdWf60IaPLYhj18m819TVSWmk6DGosmbDyp3khkfnv C1ERqBIh5n2oor2RzE/2uWre/NdHQxwdA96rJQAR1jDiEKFVtKal8Oy1cWB3QqCw CORItGuwJkZ8w4wn3BkXpaQSD2gvnXWxrlgHUeFPBYESARUgGVdCxlidDJGWVTVs A17d5EaropdDKXls1zckUs754A1sLV1c8Hfgdkn67u83mgCT9ceEsdIT//Slt1Hr 7mFKIcHLqk34Zg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:14 2025 by rpki-client